package com.zm.sgin.web;

import com.zm.sgin.bean.Result;
import com.zm.sgin.bean.SginProperties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.dao.DataAccessException;
import org.springframework.jdbc.core.BeanPropertyRowMapper;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpSession;

@RestController
@RequestMapping("sgin")
public class SginDo {

    @Autowired
    SginProperties properties;

    @RequestMapping("props")
    public SginProperties props(){
        return properties;
    }

    @Autowired
    JdbcTemplate jdbcTemplate;

    @RequestMapping("login")
    Result login(String username, String password, HttpSession session) {
        if (username == null || username.isBlank()){
            return new Result(-1,"请输入账号！",null);
        }
        if (password == null || password.isBlank()){
            return new Result(-2,"请输入密码！",null);
        }

        if("MD5".equalsIgnoreCase(properties.getEncryption())){
            //数据库判断用户
            String sql = "select * from %s where %s = MD5(concat(?,?))";
            sql = String.format(sql, properties.getUserTable(), properties.getPasswordColumn());
            try {
                Object user = jdbcTemplate.queryForObject(sql,new BeanPropertyRowMapper<>(properties.getUserClassObject()),username,password);
                session.setAttribute(properties.getSessionKey(),user);
            } catch (DataAccessException e){
                e.printStackTrace();
                return new Result(-3,"用户名或密码错误！",null);
            }
        }else {
            //数据库判断用户
            String sql = "select * from %s where %s = ? and %s = ?";
            sql = String.format(sql, properties.getUserTable(), properties.getUsernameColumn(), properties.getPasswordColumn());
            try {
                Object user = jdbcTemplate.queryForObject(sql,new BeanPropertyRowMapper<>(properties.getUserClassObject()),username,password);
                session.setAttribute(properties.getSessionKey(),user);
            } catch (DataAccessException e){
                e.printStackTrace();
                return new Result(-3,"用户名或密码错误！",null);
            }
        }


        return new Result(1,"登陆成功！",null);
    }

    @RequestMapping("myinfo")
    Result myinfo(HttpSession session){
        Object myinfo = session.getAttribute(properties.getSessionKey());
        if (myinfo == null){
            return new Result(0,"未登录！",null);
        }else {
            return new Result(1,"已登录！",myinfo);
        }
    }

    @RequestMapping("logout")
    ModelAndView logout(HttpSession session,ModelAndView mav){
        session.invalidate();
        mav.setViewName("redirect:/");
        return mav;
    }

    @RequestMapping("forgetEmail")
    Result forgetEmail(String username){
        String sql = "select email from %s where %s = ?";
        sql = String.format(sql, properties.getUserTable(), properties.getUsernameColumn());
        String email;
        try {
            email = jdbcTemplate.queryForObject(sql,String.class,username);
        } catch (DataAccessException e){
            e.printStackTrace();
            return new Result(-3,"没有该账号！",null);
        }
        return new Result(1,"查找成功！",email);

    }
}
